ENTA.jpg

Case Study:
ENT and Allergy AssociateS, LLP

You may download the full case study here.


Objective

With thousands of IT assets and employees and nearly two-hundred medical providers spread across 40+ medical offices throughout New York, the complexities of the ENTA security posture were staggering. "Every IT department is strained for resources," noted Anthony Venuto, Director of Information Technology for ENTA. "We needed a security partner who understood medical environments, and who could help push our team in the right direction." More than providing security assessment and analysis services, the chosen partner had to efficiently identify and communicate security deficiencies, and assist in the prioritization of remediation efforts.


Solution

Given the size and geographic distance of ENTA medical offices, effectively capturing and documenting security exposures posed a challenge. "We didn't have an unlimited budget," said Brian Horton, CEO of Breadcrumb Cybersecurity. "We had to break the mold a bit to ensure we met our client's requirement while ensuring our quality and standards were met." Utilizing a mixture of vulnerability management appliances, on-disk agents, and manual control reviews, Breadcrumb engineers assessed the entire organization within the CIS Top 20 Controls and all within budget. In addition, Breadcrumb performed systematic Wi-Fi testing, on-premise physical barrier assessments, and highly customized penetration testing campaigns. "By performing targeted penetration testing, we demonstrated real-world outcomes," said Brian Horton.


It was a pleasure working with the team at Breadcrumb. Their understanding of security far surpassed our expectations. Breadcrumb’s findings helped shape our path forward to better protecting our critical data.
— Anthony Venuto, Director of Information Technology

Results

From start to finish, the overall engagement was completed in approximately nine (9) weeks. Breadcrumb delivered a cohesive report, outlining organizational strengths, weaknesses, and strategic recommendations. This type of actionable reporting allowed for meaningful resource prioritization and the measurement of ongoing remediation efforts.

Services Delivered

  • Cryptography Review

  • CIS Top 20 Control Review

  • Penetration Testing

  • Vulnerability Assessment


Breadcrumb Cybersecurity helps organizations protect their infrastructure, critical data, and reputation of from advanced threats seeking to do them harm. Based in California, Breadcrumb offers comprehensive cybersecurity services for organizations throughout the U.S. Our services include regulatory compliance, risk assessments, digital forensics, penetration testing, incident response, technical/staff training, 24/7 security operations, and on-going advisory services.